Appian Cloud is designed to operate in the most demanding enterprise environments
Compliance and certifications
- SOC 2 Type II
- SOC 3
- PCI DSS
- HIPAA
- FDA 21 CFR Part 11
- DoD Impact Levels 4 and 5 in US Federal
- FedRAMP
- StateRAMP
- HITRUST
- Canada Protected B
- UK Cyber Essentials Plus
- Spain’s National Security Framework (ENS)
- NIST
Strong security out of the box for all users
- Distributed denial-of-service (DDoS) protection
- Data loss prevention (DLP)
- Incident response
- 24/7/365 monitoring with security orchestration, automation, and response (SOAR), built as an Appian app
- Real-time intrusion detection and monitoring
- Comprehensive antivirus scans
- Enterprise-ready authentication and authorization with single sign-on (SSO)
- Integration authentication
- Inbound API authentication
- Encrypt sensitive data fields in user interfaces
- Row-level data fabric security with user access preview
Advanced security features aligned to premium tiers
- Custom TLS policies
- Trusted IP allow lists
- AWS PrivateLink (inbound and outbound)
- Multiple private connectivity options including VPN (inbound and outbound, dynamic and fault tolerant)
- Bring your own key (BYOK)
- Database encryption
- Log streaming
- Dedicated virtual private cloud (VPC)
- Annual customer audit
- Site data audit requests
- Annual security questionnaire
Encryption and data isolation
- Transport Layer Security (TLS) for end-user connections
- Disk encryption to secure data at rest
- Customer data backups are encrypted
- Secure connection channels with customer data sources
- Each customer is allocated a virtual server(s) and virtual drive(s) for application server, Appian application, and database use—and these are never shared with other customers
Continuous monitoring
- Monitoring for advanced threats using our proprietary SOAR platform (built on Appian)
- Security notifications
- Performance and health
- Platform response times
- Uptime/availability
- Compliance auditing
Security controls aligned to leading frameworks
- Access controls and authentication
- Audit and accountability
- Contingency planning
- Incident response
- Personnel and physical security
- Risk assessment
- System acquisition and integrity
- Systems communication protection
Appian’s tenancy and data storage protocol
- Local geography hosting
- Data segmentation
- Application segmentation
- Data replication within the same region
- Tenant instance isolation
- Regulatory compliance
Defense-in-depth protection
- Network intrusion detection system (IDS)
- Host IDS
- Web application firewall
- Network layer firewalls
- File integrity monitoring
- Strict access controls between infrastructure tiers
Third-party vulnerability testing and security reviews
- Vulnerability scanning
- Internal penetration testing
- External penetration testing
- Isolation architecture exploitation
- Customers are encouraged to perform their own vulnerability testing.
Personnel policies for globally distributed teams
- Appian Cloud personnel located in the United States, Canada, Mexico, United Kingdom, Spain, Germany, Italy, Australia, Japan, and India
- Formal screening process that includes a required background check
- Extensive cloud security training
- Continuous training on operational practices
Security incident reporting
- All submissions are investigated by the Security Incident Response Team
- Appian takes appropriate action in the form of hotfixes, upgrades, or published mitigation information
- Appian notifies affected customers
Appian Cloud is designed to operate in the most demanding enterprise environments.
Compliance and certifications
- SOC 2 Type II
- SOC 3
- PCI DSS
- HIPAA
- FDA 21 CFR Part 11
- DoD Impact Levels 4 and 5 in US Federal
- FedRAMP
- StateRAMP
- HITRUST
- Canada Protected B
- UK Cyber Essentials Plus
- Spain’s National Security Framework (ENS)
- NIST
Strong security out of the box for all users.
- Distributed denial-of-service (DDoS) protection
- Data loss prevention (DLP)
- Incident response
- 24/7/365 monitoring with security orchestration, automation, and response (SOAR), built as an Appian app
- Real-time intrusion detection and monitoring
- Comprehensive antivirus scans
- Enterprise-ready authentication and authorization with single sign-on (SSO)
- Integration authentication
- Inbound API authentication
- Encrypt sensitive data fields in user interfaces
- Row-level data fabric security with user access preview
Advanced security features aligned to premium tiers.
- Custom TLS policies
- Trusted IP allow lists
- AWS PrivateLink (inbound and outbound)
- Multiple private connectivity options including VPN (inbound and outbound, dynamic and fault tolerant)
- Bring your own key (BYOK)
- Database encryption
- Log streaming
- Dedicated virtual private cloud (VPC)
- Annual customer audit
- Site data audit requests
- Annual security questionnaire
Encryption and data isolation
- Transport Layer Security (TLS) for end-user connections
- Disk encryption to secure data at rest
- Customer data backups are encrypted
- Secure connection channels with customer data sources
- Each customer is allocated a virtual server(s) and virtual drive(s) for application server, Appian application, and database use—and these are never shared with other customers
Continuous monitoring
- Monitoring for advanced threats using our proprietary SOAR platform (built on Appian)
- Security notifications
- Performance and health
- Platform response times
- Uptime/availability
- Compliance auditing
Security controls aligned to leading frameworks
- Access controls and authentication
- Audit and accountability
- Contingency planning
- Incident response
- Personnel and physical security
- Risk assessment
- System acquisition and integrity
- Systems communication protection
Appian’s tenancy and data storage protocol
- Local geography hosting
- Data segmentation
- Application segmentation
- Data replication within the same region
- Tenant instance isolation
- Regulatory compliance
Defense-in-depth protection
- Network intrusion detection system (IDS)
- Host IDS
- Web application firewall
- Network layer firewalls
- File integrity monitoring
- Strict access controls between infrastructure tiers
Third-party vulnerability testing and security reviews
- Vulnerability scanning
- Internal penetration testing
- External penetration testing
- Isolation architecture exploitation
- Customers are encouraged to perform their own vulnerability testing.
Personnel policies for globally distributed teams
- Appian Cloud personnel located in the United States, Canada, Mexico, United Kingdom, Spain, Germany, Italy, Australia, Japan, and India
- Formal screening process that includes a required background check
- Extensive cloud security training
- Continuous training on operational practices
Security incident reporting
- All submissions are investigated by the Security Incident Response Team
- Appian takes appropriate action in the form of hotfixes, upgrades, or published mitigation information
- Appian notifies affected customers
Appian Protect offers one basic tier for all customers and three premium support tiers for advanced security:
Appian Protect | ||||
|---|---|---|---|---|
Feature | Basic | Essential | Advanced | Enterprise |
World-class platform security monitoring and response by the Appian security team using Appian's proprietary security orchestration, automation, and response (SOAR) solution | ✅ | ✅ | ✅ | ✅ |
Data loss prevention (DLP) | ✅ | ✅ | ✅ | ✅ |
Real-time intrusion detection monitoring and response for the Appian Platform | ✅ | ✅ | ✅ | ✅ |
Comprehensive antivirus scanning | ✅ | ✅ | ✅ | ✅ |
Enterprise-ready authentication and authorization with SSO (built-in or connect to your LDAP, SAML, OpenID Connect, Login.gov, or PIEE)† | ✅ | ✅ | ✅ | ✅ |
Integration authentication (OAuth 2.0, Google Service Account authentication, AWS Signature v4 authentication)† | ✅ | ✅ | ✅ | ✅ |
Inbound web API authentication (API keys, OAuth 2.0)† | ✅ | ✅ | ✅ | ✅ |
Encrypt sensitive data fields in user interfaces† | ✅ | ✅ | ✅ | ✅ |
Row-level data fabric security with user access preview† | ✅ | ✅ | ✅ | ✅ |
VPN (inbound and outbound, dynamic and fault-tolerant) | ✅ | ✅ | ✅ | |
AWS PrivateLink (inbound and outbound) | ✅ | ✅ | ✅ | |
Trusted IPs | ✅ | ✅ | ✅ | |
Custom TLS policies | ✅ | ✅ | ✅ | |
Bring your own key (AWS HSM or AWS KMS) | ✅ | ✅ | ||
Appian Cloud database encryption with AWS KMS | ✅ | ✅ | ||
Log streaming | ✅ | ✅ | ||
Enhanced business continuity | ✅ | ✅ | ||
Dedicated VPC | ✅ | |||
Annual customer audit | ✅ | |||
Site data audit requests | ✅ | |||
Annual security questionnaire | ✅ | |||
†Available to both Appian Cloud and self-managed customers.
Ready to talk?
See how the world’s fastest-growing organizations use Appian for process automation.
